The following Fedora EPEL 7 Security updates need testing: Age URL 10 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-01179f6b9f suricata-4.1.9-1.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-e6c7b4cbec tcpreplay-4.3.3-3.el7 3 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-284f18e5de lout-3.40-18.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-fd6ec50fa5 fastd-21-2.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing composer-1.10.16-1.el7 mozilla-https-everywhere-2020.8.13-1.el7 php-composer-xdebug-handler-1.4.4-1.el7 rpminspect-1.2-2.el7 rpminspect-data-fedora-1.2-1.el7 Details about builds: ================================================================================ composer-1.10.16-1.el7 (FEDORA-EPEL-2020-adf7ad0dfc) Dependency Manager for PHP -------------------------------------------------------------------------------- Update Information: **Version 1.10.16** - 2020-10-24 * Added warning to `validate` command for cases where packages provide/replace a package that they also require * Fixed JSON schema validation issue with PHPStorm * Fixed symlink handling in `archive` command ---- **Version 1.10.15** - 2020-10-13 * Fixed path repo version guessing issue ---- **Version 1.10.14** - 2020-10-13 * Fixed version guesser to look at remote branches as well as local ones * Fixed path repositories version guessing to handle edge cases where version is different from the VCS- guessed version * Fixed COMPOSER env var causing issues when combined with the `global ` command * Fixed a few issues dealing with PHP without openssl extension (not recommended at all but sometimes needed for testing) -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 25 2020 Remi Collet <remi@xxxxxxxxxxxx> - 1.10.16-1 - update to 1.10.16 * Tue Oct 13 2020 Remi Collet <remi@xxxxxxxxxxxx> - 1.10.15-1 - update to 1.10.15 -------------------------------------------------------------------------------- ================================================================================ mozilla-https-everywhere-2020.8.13-1.el7 (FEDORA-EPEL-2020-b790905b24) HTTPS enforcement extension for Mozilla Firefox -------------------------------------------------------------------------------- Update Information: - Fix port based whitelisting issue #19291 - Update documentation - Update dependencies (NPM and Chromedriver) - Minor code fixes in JS -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 26 2020 Russell Golden <niveusluna@xxxxxxxxxxxxxxxxx> - 2020.8.13-1 - Fix port based whitelisting issue #19291 - Update documentation - Update dependencies (NPM and Chromedriver) - Minor code fixes in JS -------------------------------------------------------------------------------- ================================================================================ php-composer-xdebug-handler-1.4.4-1.el7 (FEDORA-EPEL-2020-65f5f73964) Restarts a process without Xdebug -------------------------------------------------------------------------------- Update Information: **Version 1.4.4** - 2020-10-24 * Fix: exception if 'pcntl_signal' is disabled. -------------------------------------------------------------------------------- ChangeLog: * Sun Oct 25 2020 Remi Collet <remi@xxxxxxxxxxxx> - 1.4.4-1 - update to 1.4.4 -------------------------------------------------------------------------------- ================================================================================ rpminspect-1.2-2.el7 (FEDORA-EPEL-2020-ef06f3ca3c) Build deviation compliance tool -------------------------------------------------------------------------------- Update Information: Upgrade to rpminspect-1.2 -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 26 2020 David Cantrell <dcantrell@xxxxxxxxxx> - 1.2-1 - For BUILDTYPE=release, generate the correct type of changelog - Minor logic error in submit-koji-builds.sh - Fix reading existing spec file in submit-koji-builds.sh - Bump development build version to 1.2 - Use is_rebase() in the 'upstream' inspection - Use rpmtdSetIndex() and rpmtdGetString() in get_header_value() - Add get_rpmtag_fileflags() to files.c and call from extract_rpm() - Use correct Version and Release values in download_build() - #include <rpm/rpmfiles.h> -> #include <rpm/rpmfi.h> - Add the 'config' inspection to librpminspect - Rephrase reporting messages in the 'config' inspection - Add the 'doc' inspection to librpminspect - Update TODO list - Minor updates to try and make gate.sh more reliable - Add config and doc to the inspections list in generic.yaml - Rename the '%files' inspection to 'files' (#194) - Modify baseclass.py to allow 'before' and 'after' NVR tuples - Use the after tuple to override the NVR in test_abidiff.py - Use the after tuple to override the NVR in test_upstream.py - Write rpminspect output to a file in the test suite - Add 28 test cases for the 'config' inspection - Fix the errors in the 'config' inspection found by the test suite - Fix Python problems in the test suite reported by black and flake8 - Add Makefile targets for black and flake8 - One more formatting issue reporting by Python black in test_config.py - More 'python black' formatting errors reported for test_config.py - https://mandoc.bsd.lv -> http://mandoc.bsd.lv - Add a -D/--dump-config option to rpminspect(1) - Use global reported variable in 'config' inspection - Fix reporting errors in the 'doc' inspection - Add test_doc.py with 'doc' inspection test cases - Ignore flake8 W291 in test_doc.py where we explicitly want whitepsace. - Add init_rebaseable() to librpminspect - Check the rebaseable list in is_rebase() in librpminspect - Update TODO list - Define a new GitHub Action using utils/gate.sh - Update the README.md file - shellcheck fixes for utils/gate.sh - Use utils/find-ninja.sh to determine what ninja-build command to use - Install fedora-packager for the gate.yml GitHub Action - Remove before and after variables from gate.sh; unused - Remove unnecessary basename() calls in inspect_upstream.c - Do not assume an or bn contain strings in is_rebase() (#196) - Adjust what things run during with GitHub Actions - Add get_rpm_header_string_array() to librpminspect - Replace init_source() with get_rpm_header_string_array() in inspect_upstream.c - free() allocated output string in inspect_changelog.c on errors - s/10240/16384/ in archive_read_open_filename() call in unpack.c - Add the 'patches' inspection to librpminspect - Add uncompress_file() to librpminspect - Add filecmp() and use that in place of zcmp/bzcmp/xzcmp - README.md updates - Restrict some GitHub Actions to source code and test suite changes. - Only enable lz4 compression if ARCHIVE_FILTER_LZ4 is defined - Go ahead and wrap the rest of the libarchive compression filters - s/class Test/class /g - Make sure uncompress_file() supports xz compression - Handle more compressed file MIME types. - Add test_changedfiles.py to the test suite. - Add test_patches.py with test cases for the 'patches' inspection - flake8 fixes in the test suite - Python format fixes for test_changedfiles.py - Python format fixes in test_patches.py - More Python format fixes for test_patches.py - Remove unnecessary 'a' in DESC_PATCHES - Better explanation as to why the EmptyLicenseTag tests are skipped. - Test suite cleanup; add rebase= and same= to TestCompareSRPM - Black formatting fixes for the test suite. - Remove unused imports in test_upstream.py - Revert black fixes for test_config.py - Fix my email address in test suite source files. - Support single package URLs for before and after builds (#190) - Handle invalid/missing RPMs in get_product_release() - Use warnx(), errx(), and err() in src/rpminspect.c - Modify submit-koji-builds.sh to pick up all pkg-git branches. - Update the rpminspect.1 man page to reflect current status. - Update translation template files in po/ - Support relative directory paths for the -w option (#188) - Implement the 'virus' inspection and add test cases for it. - Update po/ template files - Python formatting fixes for test_virus.py - Update the osdeps/*/reqs.txt files. - More osdeps updates for the clamav needs - Install 'xz' for the 'style' GitHub Action - Fix a variety of small memory leaks in librpminspect - Stop the freshclam service for the Ubuntu gate job - Support slightly older versions of libclamav in inspect_virus.c - Add the 'politics' inspection to librpminspect. - In tearDown() in the test suite, call rpmfluff clean() methods - Add test_politics.py with 'politics' inspection test cases - Python black format fixes for test_politics.py - 'it should added' -> 'it should be added' - Increase the runtime timeout for test_virus.py - Install the timeout decorator on all OSes in our GitHub Actions - Install timeout-decorator with pip, not timeout - Expand librpminspect with support for SHA-224, SHA-384, and SHA-512 - Define DEFAULT_MESSAGE_DIGEST in constants.h and use that. - Replace some fprintf()/fflush() calls with warn()/warnx() calls - Rename the 'DT_NEEDED' inspection to 'dsodeps' - Rename 'LTO' inspection to 'lto' - Update translation template and fix two incorrect error strings. - Note all valid message digests in data/politics/GENERIC - Improve reporting in the patches inspection - Only fail 'changedfiles' for VERIFY and higher results - If 'removedfiles' only reports INFO messages, pass the inspection - If 'addedfiles' only reports INFO results, pass the inspection - If 'patches' only reports INFO results, pass the inspection - No need to check value of allowed in permissions_driver() - Do not let INFO results fail the 'doc' inspection. - Do not let all INFO results in 'upstream' fail the inspection - Fix RPMFILE_FLAGS handling for %config files (#221) - Still report file changes in the 'config' inspection for rebases - Correctly check RPMFILE_DOC flags in the 'doc' inspection - Include rpm/rpmfi.h insted of rpm/rpmfiles.h - Only check regular files and symlinks in the 'doc' inspection - Remove unnecessary assert() statements in filecmp() - Remove incorrect warnx() reportings based on filecmp() return value - Exclude man pages from the 'doc' inspection - Honor the -a command line option for downloads as well as runtime (#233) - Allow optional 'commands' block in the config file - Fix assorted non-critical memory leaks - Remove unnecessary warn() after a failed stat() - Additional memory fixes for the abidiff inspection (#244) - Free ELF symbol names list in find_lto_symbols() before return - Followup to the memory fixes for read_abi() and free_abi() - Prevent invalid pointer dereferencing in invalid result in 'patches' (#245) - Avoid reusing the same abi_pkg_entry_t struct in read_abi() - Allow a set of excluded path prefixes in 'pathmigration' - Fix the YAML parsing for the pathmigration block - Document the BRANCHES variable for 'make koji' - Include the .asc file when submitting new Koji builds (#191) - Include the .asc file in the spec file * Mon Oct 26 2020 David Cantrell <dcantrell@xxxxxxxxxx> - 1.2-1 - For BUILDTYPE=release, generate the correct type of changelog - Minor logic error in submit-koji-builds.sh - Fix reading existing spec file in submit-koji-builds.sh - Bump development build version to 1.2 - Use is_rebase() in the 'upstream' inspection - Use rpmtdSetIndex() and rpmtdGetString() in get_header_value() - Add get_rpmtag_fileflags() to files.c and call from extract_rpm() - Use correct Version and Release values in download_build() - #include <rpm/rpmfiles.h> -> #include <rpm/rpmfi.h> - Add the 'config' inspection to librpminspect - Rephrase reporting messages in the 'config' inspection - Add the 'doc' inspection to librpminspect - Update TODO list - Minor updates to try and make gate.sh more reliable - Add config and doc to the inspections list in generic.yaml - Rename the '%files' inspection to 'files' (#194) - Modify baseclass.py to allow 'before' and 'after' NVR tuples - Use the after tuple to override the NVR in test_abidiff.py - Use the after tuple to override the NVR in test_upstream.py - Write rpminspect output to a file in the test suite - Add 28 test cases for the 'config' inspection - Fix the errors in the 'config' inspection found by the test suite - Fix Python problems in the test suite reported by black and flake8 - Add Makefile targets for black and flake8 - One more formatting issue reporting by Python black in test_config.py - More 'python black' formatting errors reported for test_config.py - https://mandoc.bsd.lv -> http://mandoc.bsd.lv - Add a -D/--dump-config option to rpminspect(1) - Use global reported variable in 'config' inspection - Fix reporting errors in the 'doc' inspection - Add test_doc.py with 'doc' inspection test cases - Ignore flake8 W291 in test_doc.py where we explicitly want whitepsace. - Add init_rebaseable() to librpminspect - Check the rebaseable list in is_rebase() in librpminspect - Update TODO list - Define a new GitHub Action using utils/gate.sh - Update the README.md file - shellcheck fixes for utils/gate.sh - Use utils/find-ninja.sh to determine what ninja-build command to use - Install fedora-packager for the gate.yml GitHub Action - Remove before and after variables from gate.sh; unused - Remove unnecessary basename() calls in inspect_upstream.c - Do not assume an or bn contain strings in is_rebase() (#196) - Adjust what things run during with GitHub Actions - Add get_rpm_header_string_array() to librpminspect - Replace init_source() with get_rpm_header_string_array() in inspect_upstream.c - free() allocated output string in inspect_changelog.c on errors - s/10240/16384/ in archive_read_open_filename() call in unpack.c - Add the 'patches' inspection to librpminspect - Add uncompress_file() to librpminspect - Add filecmp() and use that in place of zcmp/bzcmp/xzcmp - README.md updates - Restrict some GitHub Actions to source code and test suite changes. - Only enable lz4 compression if ARCHIVE_FILTER_LZ4 is defined - Go ahead and wrap the rest of the libarchive compression filters - s/class Test/class /g - Make sure uncompress_file() supports xz compression - Handle more compressed file MIME types. - Add test_changedfiles.py to the test suite. - Add test_patches.py with test cases for the 'patches' inspection - flake8 fixes in the test suite - Python format fixes for test_changedfiles.py - Python format fixes in test_patches.py - More Python format fixes for test_patches.py - Remove unnecessary 'a' in DESC_PATCHES - Better explanation as to why the EmptyLicenseTag tests are skipped. - Test suite cleanup; add rebase= and same= to TestCompareSRPM - Black formatting fixes for the test suite. - Remove unused imports in test_upstream.py - Revert black fixes for test_config.py - Fix my email address in test suite source files. - Support single package URLs for before and after builds (#190) - Handle invalid/missing RPMs in get_product_release() - Use warnx(), errx(), and err() in src/rpminspect.c - Modify submit-koji-builds.sh to pick up all pkg-git branches. - Update the rpminspect.1 man page to reflect current status. - Update translation template files in po/ - Support relative directory paths for the -w option (#188) - Implement the 'virus' inspection and add test cases for it. - Update po/ template files - Python formatting fixes for test_virus.py - Update the osdeps/*/reqs.txt files. - More osdeps updates for the clamav needs - Install 'xz' for the 'style' GitHub Action - Fix a variety of small memory leaks in librpminspect - Stop the freshclam service for the Ubuntu gate job - Support slightly older versions of libclamav in inspect_virus.c - Add the 'politics' inspection to librpminspect. - In tearDown() in the test suite, call rpmfluff clean() methods - Add test_politics.py with 'politics' inspection test cases - Python black format fixes for test_politics.py - 'it should added' -> 'it should be added' - Increase the runtime timeout for test_virus.py - Install the timeout decorator on all OSes in our GitHub Actions - Install timeout-decorator with pip, not timeout - Expand librpminspect with support for SHA-224, SHA-384, and SHA-512 - Define DEFAULT_MESSAGE_DIGEST in constants.h and use that. - Replace some fprintf()/fflush() calls with warn()/warnx() calls - Rename the 'DT_NEEDED' inspection to 'dsodeps' - Rename 'LTO' inspection to 'lto' - Update translation template and fix two incorrect error strings. - Note all valid message digests in data/politics/GENERIC - Improve reporting in the patches inspection - Only fail 'changedfiles' for VERIFY and higher results - If 'removedfiles' only reports INFO messages, pass the inspection - If 'addedfiles' only reports INFO results, pass the inspection - If 'patches' only reports INFO results, pass the inspection - No need to check value of allowed in permissions_driver() - Do not let INFO results fail the 'doc' inspection. - Do not let all INFO results in 'upstream' fail the inspection - Fix RPMFILE_FLAGS handling for %config files (#221) - Still report file changes in the 'config' inspection for rebases - Correctly check RPMFILE_DOC flags in the 'doc' inspection - Include rpm/rpmfi.h insted of rpm/rpmfiles.h - Only check regular files and symlinks in the 'doc' inspection - Remove unnecessary assert() statements in filecmp() - Remove incorrect warnx() reportings based on filecmp() return value - Exclude man pages from the 'doc' inspection - Honor the -a command line option for downloads as well as runtime (#233) - Allow optional 'commands' block in the config file - Fix assorted non-critical memory leaks - Remove unnecessary warn() after a failed stat() - Additional memory fixes for the abidiff inspection (#244) - Free ELF symbol names list in find_lto_symbols() before return - Followup to the memory fixes for read_abi() and free_abi() - Prevent invalid pointer dereferencing in invalid result in 'patches' (#245) - Avoid reusing the same abi_pkg_entry_t struct in read_abi() - Allow a set of excluded path prefixes in 'pathmigration' - Fix the YAML parsing for the pathmigration block - Document the BRANCHES variable for 'make koji' - Include the .asc file when submitting new Koji builds (#191) - Include the .asc file in the spec file -------------------------------------------------------------------------------- ================================================================================ rpminspect-data-fedora-1.2-1.el7 (FEDORA-EPEL-2020-1e1f8c28d4) Build deviation compliance tool data files -------------------------------------------------------------------------------- Update Information: Upgrade to rpminspect-1.2 ---- Require external programs used by some rpminspect inspections (e.g., abidiff) -------------------------------------------------------------------------------- ChangeLog: * Mon Oct 26 2020 David Cantrell <dcantrell@xxxxxxxxxx> - 1.2-1 - More fixes for submit-koji-builds.sh - Increment development work version to 1.2 - Rename '%files' to 'files'; add 'config' and 'doc' to inspections - Remove the politics/ subdirectory and the files in it. - Add 'politics' and 'virus' to the fedora.yaml config file. - s/DT_NEEDED/dsodeps/g in fedora.yaml - Require optional packages used by enabled inspections. - Add excluded_paths block to the pathmigration block - Adjust the pathmigration block to have 'migrated_paths' - Update rpminspect-data-fedora.spec.in - Updates to the 'make koji' process * Mon Oct 12 2020 David Cantrell <dcantrell@xxxxxxxxxx> - 1.1-2 - Add explicit Requires for packages needed for inspections (#1887426) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1887426 - rpminspect-data-fedora is missing a dependency on libabigail https://bugzilla.redhat.com/show_bug.cgi?id=1887426 -------------------------------------------------------------------------------- _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx